scope:

This part of ISO/IEC 29167 defines the architecture for security services for the ISO/IEC 18000 air interfaces standards for radio frequency identification (RFID) devices. Its purpose is to provide a common technical specification for optional security services for RFID devices that may be used by ISO committees developing RFID application standards. This part of ISO/IEC 29167 defines various security features called security mechanisms that than can be implemented by a tag depending on the application. A tag may support one, a subset, or all of the specified security mechanisms. For an interrogator it is possible to get information about the security mechanisms that are actually implemented and supported by a tag. Moreover, it has been considered that adding new security mechanisms remains possible. Besides signaling the presence of certain security services, further details of the mechanisms such as utilized encryption algorithm and key length also need to be specified and accessible. This part of ISO/IEC 29167 defines the requirements for crypto suites defined in further parts of this international standard and furthermore defines how crypto suites identifiers are assigned to the various parts of this international standard. ISO/IEC 29167 covers a number of cryptographic suites designed for protecting application information transmitted across the RFID air interface, product authentication and protecting access to resources on the tag. Suite implementations relative to specific ISO/IEC 18000 series RFID air interface standards, where relevant, are described in the Annexes of each cryptographic suite. Users should be aware that they must assess their own risk management needs for their application (e.g. amount of necessary security features, management of keys, etc.) in order to determine the appropriate suite for implementation.